mace-opensaml-users - RE: SAMLAuthorizationDecision
Subject: OpenSAML user discussion
List archive
- From: "Ed Reed" <>
- To: <>, <>
- Cc: <>
- Subject: RE: SAMLAuthorizationDecision
- Date: Mon, 24 May 2004 09:06:11 -0600
Okay, I've had some trouble figuring out what statements like that
mean...
consider some other mechanism...
Does that mean that you expect a non-SAML protocol that is built
around
a XACML protocol to be used to ask things like "what roles are active",
or
"does this user, given whatever roles they're in, have this permission
at
this time"?
Is there any protocol work in XACML at all?
I rather thought XACML could be used to express information in
SAML, and that SAML attribute assertions would likely continue
to be useful.
Am I wrong?
>>> Scott Cantor
>>> <>
>>> 5/24/2004 10:34:26 AM >>>
Do be aware that SAML 2.0 effectively freezes those pieces and won't
be
developing them any further. They were kept in 2.0 because some were
using
them, but anybody starting from scratch at this point might want to
think
twice before using them and look at XACML or some other mechanism.
-- Scott
- SAMLAuthorizationDecision, Gabriel López, 05/24/2004
- <Possible follow-up(s)>
- Re: SAMLAuthorizationDecision, andy, 05/24/2004
- Re: SAMLAuthorizationDecision, Gabriel López, 05/24/2004
- RE: SAMLAuthorizationDecision, Scott Cantor, 05/24/2004
- Re: SAMLAuthorizationDecision, Gabriel López, 05/24/2004
- RE: SAMLAuthorizationDecision, Ed Reed, 05/24/2004
- RE: SAMLAuthorizationDecision, RL 'Bob' Morgan, 05/24/2004
- Re: SAMLAuthorizationDecision, Gabriel López, 05/24/2004
- RE: SAMLAuthorizationDecision, RL 'Bob' Morgan, 05/24/2004
- RE: SAMLAuthorizationDecision, Scott Cantor, 05/24/2004
- RE: SAMLAuthorizationDecision, Ed Reed, 05/24/2004
Archive powered by MHonArc 2.6.16.